Total 50,473 skills, Security & Compliance has 1971 skills
Showing 12 of 1971 skills
Secure GraphQL APIs - authentication, authorization, rate limiting, and validation
IoT network traffic analyzer for detecting IoT protocols and identifying security vulnerabilities in network communications. Use when you need to analyze network traffic, identify IoT protocols, or assess network security of IoT devices.
This skill should be used when the user asks to "identify web application vulnerabilities", "explain common security flaws", "understand vulnerability categories", "learn about inject...
Triage and remediation workflow for Conviso vulnerabilities using conviso-cli, with safe defaults (read-only and preview-first) and explicit human approval for apply mode.
API security testing workflow for REST and GraphQL APIs covering authentication, authorization, rate limiting, input validation, and security best practices.
Application security covering threat modeling (STRIDE), OWASP Top 10 (2025), OWASP API Security Top 10 (2023), secure coding review, authentication/authorization patterns, input validation, encryption, security headers, supply chain security, compliance (GDPR/HIPAA/SOC2/PCI-DSS), and security monitoring. Use when reviewing code for vulnerabilities, implementing auth patterns, securing APIs, configuring security headers, hardening supply chain, preventing injection attacks, or preparing for compliance audits.
Scan Clawdbot and MCP skills for malware, spyware, crypto-miners, and malicious code patterns before you install them. Security audit tool that detects data exfiltration, system modification attempts, backdoors, and obfuscation techniques.
OWASP Mobile Top 10 security testing for Android and iOS — local storage, certificate pinning bypass, IPC abuse, and binary protections.
Web application security testing workflow for OWASP Top 10 vulnerabilities including injection, XSS, authentication flaws, and access control issues.
Whole-codebase vulnerability analysis leveraging 1M context window. Loads entire project source, runs deep security analysis in a single pass. Opus 4.6 found 500 zero-day vulnerabilities in pre-release testing — this skill weaponizes that capability.
Audits project dependencies for license compliance, maintenance health, security vulnerabilities, and bloat. Analyzes both direct and transitive dependency trees, detects abandoned packages, identifies license conflicts (copyleft, unknown), checks for known CVEs, and finds unused or duplicate dependencies. Triggers on: "audit dependencies", "dependency check", "license check", "dependency health", "abandoned packages", "bloat check", "unused dependencies", "security audit dependencies", "dependency review", "license compliance", "package audit", "supply chain", "dependency risk". Use this skill when reviewing project dependencies for risk.
Enable, configure, and query Elasticsearch security audit logs. Use when the task involves audit logging setup, event filtering, or investigating security incidents like failed logins.